Lucene search
K

14 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/21 12:0 a.m.14 views

Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : OpenVPN vulnerabilities (USN-8286-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8286-1 advisory. Guannan Wang, Zhanpeng Liu, Guancheng Li, and Emma Reuter discovered that OpenVPN incorrectly handled suitably malformed...

6.9CVSS5.6AI score0.00317EPSS
Exploits0References3
OSV
OSV
added 2026/05/20 1:16 p.m.5 views

USN-8286-1 openvpn vulnerabilities

Guannan Wang, Zhanpeng Liu, Guancheng Li, and Emma Reuter discovered that OpenVPN incorrectly handled suitably malformed packets with valid tls-crypt-v2 keys. An attacker could possibly use this issue to cause OpenVPN to crash, resulting in a denial of service. CVE-2026-35058 Guannan Wang, Zhanpe...

6.9CVSS5.8AI score0.00317EPSS
Exploits0References3
Mageia
Mageia
added 2026/05/10 2:43 a.m.11 views

Updated openvpn packages fix security vulnerabilities

CVE-2026-35058 - fix server ASSERT on receiving a suitably malformed packet with a valid tls-crypt-v2 key CVE-2026-40215 - fix race condition in TLS handshake that could lead to leaking of packet data from a previous handshake under specific circumstances...

6.9CVSS5.8AI score0.00317EPSS
Exploits0References4
OSV
OSV
added 2026/05/10 2:43 a.m.8 views

MGASA-2026-0126 Updated openvpn packages fix security vulnerabilities

CVE-2026-35058 - fix server ASSERT on receiving a suitably malformed packet with a valid tls-crypt-v2 key CVE-2026-40215 - fix race condition in TLS handshake that could lead to leaking of packet data from a previous handshake under specific circumstances...

6.9CVSS5.8AI score0.00317EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/04/23 12:0 a.m.10 views

PT-2026-36645

Name of the Vulnerable Software and Affected Versions OpenVPN versions 2.6.0 through 2.6.19 OpenVPN versions 2.7 alpha1 through 2.7.1 Description A race condition occurs during the TLS handshake, specifically during TLS session promotion. This issue can be triggered by remote attackers, potential...

6.9CVSS5.5AI score0.00317EPSS
Exploits0References29
Positive Technologies
Positive Technologies
added 2026/04/20 12:0 a.m.11 views

PT-2026-36643

Name of the Vulnerable Software and Affected Versions OpenVPN affected versions not specified Description An issue exists in the tls crypt v2 extract client key function where an uncontrolled assertion is reachable. A remote attacker can trigger a denial of service by sending a suitably malformed...

6.9CVSS5.7AI score0.00317EPSS
Exploits0References33
Tenable Nessus
Tenable Nessus
added 2025/08/20 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2021-32686

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN,...

5.9CVSS6.8AI score0.02082EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2024/06/01 2:24 a.m.3 views

SUSE CVE-2024-36024

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Disable idle reallow as part of command/gpint execution Why Workaroud for a race condition where DMCUB is in the process of committing to IPS1 during the handshake causing us to miss the transition into IPS2 and...

4.7CVSS6.4AI score0.00159EPSS
Exploits0References10
OSV
OSV
added 2024/05/30 3:15 p.m.10 views

AZL-67985 CVE-2024-36024 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Disable idle reallow as part of command/gpint execution Why Workaroud for a race condition where DMCUB is in the process of committing to IPS1 during the handshake causing us to miss the transition into IPS2 and...

4.7CVSS5.7AI score0.00159EPSS
Exploits0References1
OSV
OSV
added 2024/05/30 3:15 p.m.14 views

AZL-62809 CVE-2024-36024 affecting package kernel 6.6.126.1-1

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Disable idle reallow as part of command/gpint execution Why Workaroud for a race condition where DMCUB is in the process of committing to IPS1 during the handshake causing us to miss the transition into IPS2 and...

4.7CVSS5.7AI score0.00159EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/01/24 12:0 a.m.8 views

PT-2024-26851

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue is related to a race condition in the Linux kernel where DMCUB is committing to IPS1 during the handshake, causing a transition into IPS2 to be missed and resulting in a HW han...

4.7CVSS5.7AI score0.00159EPSS
Exploits0
OSV
OSV
added 2023/12/14 8:15 p.m.3 views

DEBIAN-CVE-2023-49786

Asterisk is an open source private branch exchange and telephony toolkit. In Asterisk prior to versions 18.20.1, 20.5.1, and 21.0.1; as well as certified-asterisk prior to 18.9-cert6; Asterisk is susceptible to a DoS due to a race condition in the hello handshake phase of the DTLS protocol when...

5.9CVSS6.4AI score0.05338EPSS
Exploits2References1
OSV
OSV
added 2023/12/14 8:15 p.m.4 views

ALPINE-CVE-2023-49786

Asterisk is an open source private branch exchange and telephony toolkit. In Asterisk prior to versions 18.20.1, 20.5.1, and 21.0.1; as well as certified-asterisk prior to 18.9-cert6; Asterisk is susceptible to a DoS due to a race condition in the hello handshake phase of the DTLS protocol when...

5.9CVSS6.7AI score0.05338EPSS
Exploits2References1
Positive Technologies
Positive Technologies
added 2023/09/27 12:0 a.m.3 views

PT-2023-7749 · Sangoma +2 · Asterisk +2

Name of the Vulnerable Software and Affected Versions: Asterisk versions prior to 18.20.1 Asterisk versions prior to 20.5.1 Asterisk versions prior to 21.0.1 Certified Asterisk versions prior to 18.9-cert6 Description: The issue is caused by a race condition in the hello handshake phase of the DT...

9.8CVSS6.1AI score0.4557EPSS
Exploits13References66
Rows per page
Query Builder